-
-
Notifications
You must be signed in to change notification settings - Fork 392
139 lines (129 loc) · 4.89 KB
/
conformance.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: Conformance Checks
on:
push:
branches: [main]
pull_request:
branches: [main]
schedule:
- cron: '20 11 * * 1'
workflow_dispatch:
jobs:
build:
uses: panva/.github/.github/workflows/build-conformance-suite.yml@main
run:
runs-on: ubuntu-latest
needs:
- build
env:
NODE_TLS_REJECT_UNAUTHORIZED: 0
DEBUG: runner,moduleId*
SUITE_BASE_URL: https://localhost.emobix.co.uk:8443
PLAN_NAME: ${{ matrix.setup.plan }}
VARIANT: ${{ toJSON(matrix.setup) }}
strategy:
fail-fast: false
matrix:
setup:
# OIDC BASIC
- plan: oidcc-client-basic-certification-test-plan
# OIDC IMPLICIT
- plan: oidcc-client-implicit-certification-test-plan
# OIDC HYBRID
- plan: oidcc-client-hybrid-certification-test-plan
# OIDC CONFIG
- plan: oidcc-client-config-certification-test-plan
# OIDC DYNAMIC
# TODO: work around the request_uri lodging service EOL
# - plan: oidcc-client-dynamic-certification-test-plan
# FAPI 1.0 ID-2
- plan: fapi-rw-id2-client-test-plan
client_auth_type: mtls
- plan: fapi-rw-id2-client-test-plan
client_auth_type: private_key_jwt
# FAPI 1.0 Advanced Final
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: private_key_jwt
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: mtls
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: mtls
fapi_auth_request_method: pushed
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: private_key_jwt
fapi_auth_request_method: pushed
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: mtls
fapi_response_mode: jarm
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: private_key_jwt
fapi_response_mode: jarm
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: mtls
fapi_auth_request_method: pushed
fapi_response_mode: jarm
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: private_key_jwt
fapi_auth_request_method: pushed
fapi_response_mode: jarm
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: mtls
fapi_auth_request_method: pushed
fapi_response_mode: jarm
fapi_client_type: plain_oauth
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: mtls
fapi_response_mode: jarm
fapi_client_type: plain_oauth
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: private_key_jwt
fapi_auth_request_method: pushed
fapi_response_mode: jarm
fapi_client_type: plain_oauth
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: private_key_jwt
fapi_response_mode: jarm
fapi_client_type: plain_oauth
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set Conformance Suite Version
run: |
export VERSION=($(curl --silent "https://gitlab.com/api/v4/projects/4175605/releases" | jq -r '.[0].tag_name'))
echo "VERSION=$VERSION" >> $GITHUB_ENV
- name: Load Cached Conformance Suite Build
uses: actions/cache@v3
id: cache
with:
path: ./conformance-suite
key: ${{ needs.build.outputs.cache-key }}
fail-on-cache-miss: true
- name: Run Conformance Suite
working-directory: ./conformance-suite
run: |
docker-compose -f docker-compose-dev.yml up -d
while ! curl -skfail https://localhost.emobix.co.uk:8443/api/runner/available >/dev/null; do sleep 2; done
- run: git clone --depth 1 --single-branch --branch main https://github.com/panva/openid-client-certification-suite.git runner
- uses: actions/setup-node@v4
with:
node-version: lts/hydrogen # 18
cache: 'npm'
- run: npm clean-install
working-directory: ./runner
- run: npm install ${{ github.repository }}#${{ github.sha }}
working-directory: ./runner
- run: npm run test
working-directory: ./runner
- name: Upload test artifacts
uses: actions/upload-artifact@v3
with:
path: runner/export-*.zip
name: ${{ matrix.setup.plan }} failed html results
if-no-files-found: ignore
if: ${{ failure() }}
- name: Upload test logs
uses: actions/upload-artifact@v3
with:
if-no-files-found: warn
name: ${{ matrix.setup.plan }} runner logs
path: runner/logs/*.log
if: ${{ failure() }}